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DETAILED ACTION 
Claim Rejections - 35 USC § 102 

1. The following is a quotation of the appropriate paragraphs of 35 U.S. C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

2. Claim 31-34 is rejected under 35 U.S.C. 102(b) as anticipated by Patent No. 
5,748,735, Ganesan. 

3. Regarding claim 3 1 , Ganesan disclose a method for accessing information stored 
securely on a file server, the method comprising: 

forwarding to said file server a request for information from a client (Ganesan, col 
11, line 20-21); 

in response to said, request, receiving from said file server said information 
encrypted with a first encryption key (symmetric crypto-key) having an associated first 
decryption key (symmetric crypto-key) that is usable to deciypt said encrypted 
information (Ganesan, col. 6, line 17-20) and at least one access control list entiy 
associated (Yaksha database, Ganesan, col. 9, line 19-20) with a client authorized to at 
least read said information (Ganesan, col. 11, line 25-26), said received at least one enti7 
including said first decryption key encrypted with a second encryption key (file server's 
crypto-key) having an associated second decryption key (Ganesan, col 10, line 20-21) 
that is usable to decrypt said encrypted first deciyption key and that is accessible to said 
client (Ganesan, col 6, line 49-52); 
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decrypting said encrypted first decryption key using said second decryption key to 
obtain said first decryption key (Ganesan, col 6, line 52-54); and 

decrypting said encrypted information using said first decryption key (Ganesan, 
col. 6, line 49-52). 

4. Regarding claim 32, see reasoning to claim 5 stated below. 

5. Regarding claims 33, 34, see reasoning to claim 6 stated below. 

6. Claim 35-37 is rejected under 35 U*S,C. 102(b) as anticipated by Patent No. 
5,495,533, Linehan et al. 

7. Regarding claim 35 Linehan discloses a computer program product including a 
computer readable medium, said computer readable medium having a file server 
computer program stored thereon said file server computer program for execution in a 
computer and comprising: 

progi-am code for storing on said file server information encrypted with a first 
encryption key (file encryption key) having a con-esponding first decryption key that is 
usable to decrypt said encrypted information (Linehan, col. 10, line 39-41), 

program code for storing on said file server an access control list, said access 
control list including at least one enti*y said at least one entry including said first 
decryption key encrypted with a second encryption key (control key, Linehan, col. 9, line 
45-46) associated with one of a plurality of clients authorized (Linehan, col. 9, line 51- 
53) to at least read said information, and having access to a second decryption key 
associated with said second encryption key and usable to deciypt said encrypted first 
decryption key (Linehan, col. 9, line 55-56), 

progi^am code for transmitting to said one of said plurality of clients said encrypted 
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information and said at least one entry ((Linehan, col, 9, line 56-58). 

8. Regarding claim 36 and 37, see reasoning for claim 35 above. 

Claim Rejections - 35 USC § 103 

9. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

10. Claims 1,4-7, 13-18 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Patent No. 5,748,735, Ganesan in view of Patent No. 5,495,533, Linehan et al. 

1 1 . Regarding claim 1 , Ganesan discloses a method of operation at a file server, the 
method comprising: 

Storing (i) information encrypted with first encryption key (crypto-key, Ganesan, 
col 10, line 30-34) and (ii) an access control list (authentication server, Ganesan, col. 8, 
line 60-61) usable by said file server to control access to said encrypted information, said 
access control list including an entry that includes an identifier for a client authorized to 
at least read said encrypted information, and a first decryption key (crypto-key) encrypted 
with a second encryption key (session key) wherein said first decryption key is usable to 
decrypt said encrypted information (Ganesan, col. 10, line 50-54), and 

in response to request fi-om said client, transmitting to said client said encrypted 
information and said entry (Ganesan, col. 10, line 48-49, col. 11, line 34-35). 

But fails to show wherein said second encryption key is associated with a second 
decryption key that is usable to deciypt said encrypted first decryption key and that is 
accessible to said client. 
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However Linehan teaches that accessing user is permitted to access the data file; 
the key server sends the key (second decryption key) corresponding to the data file to the 
key client of the accessing user (accessible to client); and the key client of the accessing 
user uses the key to decrypt the encrypted data file (Linehan, col. 5, line 13-16). 

Therefore, it would have been obvious to one of ordinary skill in the art at the 
time of the invention to modify Ganesan as per teaching of Linehan to provide an 
improved computing system having improved security in a distributed computing 
environment (Linehan, col. 4, line 26-28). 

12. Regarding claim 4, Ganesan and Linehan discloses claim 1 above, and further 
disclose said transmitting comprises the transmitting to said client said access control list 
(ticket granting ticket fi'om ticket granting server, Ganesan, col 4, line 40-44, col 9, 33- 
34). 

13. Regarding claim 5, Ganesan and Linehan discloses claim 1 above, and further 
disclose said first encryption key and said first decryption key are symmetric (Ganesan, 
col. 10, line 43-44). 

14. Regarding claim 6, Ganesan and Linehan discloses claim 1 above, and further 
disclose said first encryption key comprises one of a public key and a private key of a 
first public/private key pair and said first decryption key comprises the other of said 
public key and said private of said first public/private key pair (Ganesan, col. 10, line 44- 
47). 

15. Regarding claim 7, Ganesan and Linehan discloses claim 1 above, and further 
disclose said identifier includes one of an unencrypted identifier (it is understood by the 
skilled artisan that a file name associated with stored data is an unencrypted identifier and 
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is an inherent feature of a file system that supports the file server, Ganesan, col 11, line 
58-60) and an encrypted identifier (encrypted message authentication check field, 
Linehan, col 8, line 27-30). 

16. Regarding claims 13, Ganesan discloses a method for securely storing 
information on a file server and distributing the stored information, said method 
comprising: 

encrypting information at one of a plurality of clients in communication with said 
file server (Ganesan, col 6, line 5-6, 25), said information being encrypted v^ith a first 
encryption key (symmetric crypto-key) having an associated first decryption key 
(symmetric crypto-key) that is usable to decrypt said encrypted information (Ganesan, 
col 6, line 17-20); 

encrypting said first decryption key with a second encryption key (file server's 
crypto-key) for each of said plurality of clients authorized to at least read said 
information (Ganesan, col 6, line 20-21), wherein each respective one of said second 
encryption keys has a corresponding second decryption key that is usable to deciypt said 
respective encrypted first decryption key and that is retained by the respective one of said 
plurality of clients (Ganesan, col 6, line 49-52); 

forwarding to at least a selected one of said plurality of clients said encrypted 
information and at least one of said entries (Ganesan, col 10, line 46-49) in response to a 
request received at said file server from said selected one of said plurality of clients; 

decrypting said encrypted first deciyption key contained in said at least one of 
said entries utilizing the second decryption key coiresponding to the second encryption 
key for the respective entry (Ganesan, col 10, line 26-28); and 
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decrypting said encrypted information using said first decryption key to obtain 
said information (Ganesan, col. 10, line 45-46; col. 1 1, line 33). 

but fail to show storing said encrypted information on said file server and storing 
on said file server said encrypted first decryption keys as a plurality of entries within an 
access control list, wherein each one of said entries is associated with one of said 
plurality of clients. 

However Linehan teaches that accessing user is permitted to access the data file; 
the key server sends the key (first decryption key) corresponding to the data file to the 
key client of the accessing user (accessible to chent); and the key client of the accessing 
user uses the key to decrypt the encrypted data file (Linehan, col. 5, line 13-16). 
Furthermore, Linehan teaches encrypting the file encryption key (first decryption key), 
under the control key (group encryption key, Linehan, col. 9, line 33-34) 

Therefore, it would have been obvious to one of ordinary skill in the art at the 
time of the invention to modify Ganesan as per teaching of Linehan to provide an 
improved computing system having improved security in a distributed computing 
environment (Linehan, col. 4, line 26-28). 

17. Regarding claim 15, Ganesan and Linehan disclose claim 14 above, and further 
discloses request includes a client identifier (first private key) associated with said 
selected one of said plurality of clients, said entries each include a client identifier 
associated with one of said plurality of clients (Ganesan, col. 10, line 66-67), and wherein 
foi-warding includes fomarding to at least said selected one of said plurality of clients the 
entry including the client identifier that is associated with the client identifier contained 
within said request (Ganesan, col. 1 1, line 10-14). 
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18. Regarding claim 16, Ganesan and Linehan disclose claim 13 above, and further 
discloses fomarding comprises the forwarding to said selected one of said plurality of 
clients said encrypted information and said access control list (ticket granting ticket from 
ticket granting server, Ganesan, col. 4, line 40-44, col. 9, 33-34, col. 10, line 52-53), 

19. Regarding claim 18, Ganesan and Linehan disclose claim 13 above, and further 
discloses first encryption and decryption keys are symmetric (Ganesan, col. 11, line 28- 
29), 

20. Regarding claim 19, Ganesan and Linehan disclose claim 13 above, and further 
discloses first encryption key comprises one of a public key and a private key of a first 
public/private key pair, and the first decryption key comprises the other of said public 
key and said private key of said first public/private key pair (Ganesan, col. 9, line 40-41). 

21. Claims 8-1 1 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Patent No. 5,748,735, Ganesan in view of Patent No. 5,495,533, Linehan et al. in further 
view of "Handbook of Applied Cryptography" by Menezes et al. 

22. Regarding claim 8, Ganesan and Linehan discloses claim 1 above, and further 
disclose entry includes said first decryption key (Ganesan, col. 10, line 39-41) wherein 
said data stream is encrypted with said second encryption key (Ganesan, col. 10, line 50- 
52); and 

transmitting comprises transmitting to said client said encrypted information and 
said access control list key (ticket granting ticket from ticket granting server, Ganesan, 
col. 4, line 40-44, col. 9, 33-34, col. 10, line 52-53), 

but fail to show that said entry includes said first decryption key combined with a 
check value to form a data stream. 
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Menezes teach Message Authentication Codes, MAC, (check value) where the 
originator of a message x (first decryption key) computes a MAC hS^x) over the message 
using a secret MAC key k shared with the intended recipient and send both (effectively x 
II hic(x)) (Menezes, page 364, paragraph 9.6.3, line 3-4). 

Therefore, it would have been obvious to one of ordinary skill in the art at the 
time of the invention to modify Ganesan and Linehan as per teaching of Menezes to 
include a MAC to gain the benefit of data integrity on the stream (page 364, paragraph 
9.6.3 title). 

23. Regarding claim 9, Ganesan and Linehan and Menezes disclose claim 8 above 
and further disclose check value (secret MAC key) comprises a value known to said 
client (Menezes, page 364, paragraph 9.6.3, line 3). 

24. Regarding claim 10, Ganesan and Linehan and Menezes disclose claim 8 above 
and further disclose said check value comprises an said client identifier (Menezes, page 
364, paragraph 9.6.3, line 3, Ganesan, col. 9, line 40). 

25. Claim 12 is rejected under 35 U.S.C, 103(a) as being unpatentable over Patent 
No. 5,748,735, Ganesan in view of in view of Patent No. 5,495,533, Linehan et al in 
further view of "Handbook of Applied Cryptography" by Menezes in further view of 
Patent No. 5,787,175, Carter. 

26. Regarding claim 12, Ganesan and Linehan and Menezes disclose claim 8 above 
and but fail to show check value comprises a group identifier that identifies a group of 
said client is a member. 

Carter teach users who are cuirently members of a collaborative group can readily 
information (Carter, col. 6, line 12-13). Structures in the prefix portion support 
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collaborative signatures such that members of the group can digitally sign a particular 
version of the data (Caiter, col. 6, line 16-18). An important aspect of these prefix 
structures is their use of public-key cryptographic (group identifier) methods (Carter, col. 
6, line 25-26). 

Therefore, it would have been obvious to one of ordinary skill in the art at the 
time of the invention to modify Ganesan and Linehan and Menezes as per teaching of 
Carter to include collaborative access control to gain the benefit to prevent unauthorized 
access by users whose access right have been revoked (Carter, col 6, line 38-39). 

27. Claim 20 is rejected under 35 U.S.C. 103(a) as unpatentable over Patent No. 
5,787,169, Eldridge et al in view of Patent No. 5,495,533, Linehan et al. 

28. Regarding claim 20, Eldridge discloses a method for storing information securely 
on a file server for access by members of a group, said method comprising: 

identifying the members of said group (user quorum), wherein said group has a 
group identifier (password key), 

encrypting information with a first encryption key having an associated first 
decryption key (Eldridge, col. 2, line 34-37) that is usable to decrypt said encrypted 
information (it is obvious or inherent that the deciyption key is used for decrypt 
encrypted information); 

encrypting said first decryption key with a group encryption key having an 
associated group deciyption key for decrypting data encrypted with said group encryption 
key (Eldridge, col. 2, line 43-47); and 

storing said encrypted information on said file server and storing said encrypted 
first deciyption key on said file server within an access control list (table) associated with 
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said encrypted information and containing, at least at some times, a plurality of encrypted 
first decryption keys (Eldridge, col 2, line 40-48), and 

but fail to show response to a request received at said file server fi*om one of said 
members of said group, forwarding to said one of said members of said group said 
encrypted information and at least said first decryption key encrypted with said group 
encryption key. 

However Linehan teaches that accessing user is permitted to access the data file; 
the key server sends the key (first decryption key) corresponding to the data file to the 
key client of the accessing user (accessible to client); and the key client of the accessing 
user uses the key to decrypt the encrypted data file (Linehan, col 5, line 13-16). 
Furthermore, Linehan teaches encrypting the file encryption key (first decryption key), 
under the control key (group encryption key, Linehan, col. 9, line 33-34) 

Therefore, it would have been obvious to one of ordinary skill in the ait at the 
time of the invention to modify Ganesan as per teaching of Linehan to provide an 
improved computing system having improved security in a distributed computing 
environment (Linehan, col. 4, line 26-28). 

29. Claims 21-30 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Patent No. 5,787,169, Eldridge et al. in view of Patent No. 5,748,735, Ganesan. 

30. Regarding claim 2 1 . Eldridge discloses a method for accessing information 
securely stored on a file server for access by members of a group, said method 
comprising: 

identifying the members of said group, wherein said group has a group identifier 
(Eldridge, col. 2, line 41-42), 
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encrypting information with a first encryption key having an associated first 
decryption key (Eldridge, col. 2, line 26-27, 47) that is usable to decrypt said encrypted 
information; 

encrypting said first decryption key with a group encryption key having an 
associated group decryption key for decrypting data encrypted with said group encryption 
key (Eldridge, col. 2, line 43-47); 

storing said encrypted information on said file server and storing said encrypted 
first decryption key on said file server within an access control list associated with said 
encrypted information and containing, at least at some times, a plurality of encrypted first 
decryption keys (Eldridge, col. 2, line 40-48); 

in a first decrypting, decrypting said encrypted first decryption key with said 
group decryption key to obtain said first decryption key (Eldridge, col. 2, line 34-37); and 

in a second decrypting, decrypting said encrypted information using said first 
decryption key to obtain said information (Eldridge, col 2, line 43-47), 

but fail to show that in response to a request received at said file server from one 
of said members of said group, forwarding to said one of said members of said group said 
encrypted information and at least said encrypted first decryption key encrypted with said 
group encryption key; 

Ganesan teaches that a system where a symmetric crypto-key (first decryption key) 
is encrypted by the security server with a second private key (group encryption key) 
portion of the file server's crypto-key, to form a encrypted key message. The message is 
foi-warded to the user (Ganesan, col. 6, line 17-20, 22-23). 
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Therefore, it would have been obvious to one of ordinary skill in the art at the 
time of the invention to modify Eldridge as per teaching of Ganesan to ensure that only 
the appreciate file server will have access to the symmetric crypto-key (Ganesan, col. 6, 
line 20-22). 

3 1 . Regarding claim 22, Eldridge and Ganesan disclose claim 21 above, and further 
discloses distributing said group decryption key to said members of said group and said 
first decrypting comprises decrypting the encrypted first decryption key by said one of 
said members of said group using the distributed group decryption key (Ganesan, coL 10, 
line 5-8). 

32. Regarding claim 23, Eldridge and Ganesan disclose claim 21 and further discloses 
first decrypting comprises: 

forwarding said encrypted first decryption key to a group server associated with 
said group identifier (Eldridge, col 2, line 40-48); 

decrypting said encrypted first deciyption key at said group server using said 
group decryption key (Eldridge, col. 2, line 43-47); and 

fomarding said first decryption key to said one of said group members (Ganesan, 
col. 10, line 50-52). 

33. Regarding claim 24, Eldridge and Ganesan disclose claim 23 above, and further 
discloses forwarding said first decryption key to said one of said group members 
comprises forwarding the first decryption key to said one of said group member over a 
secure channel (Ganesan, col. 10, line 25-28). 

34. Regarding claim 25, Eldridge and Ganesan disclose claim 24 above, and further 
discloses secure channel is a physically secure channel (Ganesan, col 8, line 16-21). 
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35. Regarding claim 26, Eldridge and Ganesan disclose claim 24 above, and further 
discloses secure channel comprises a non-secure communications path and forwarding 
the first decryption key to said one of said group members over a secure channel 
comprises: 

encrypting said first decryption key with a third encryption key having an 
associated third decryption key known to said one of said group members (Ganesan, col. 
10, line 25-28); 

forwarding to said one of said group members said encrypted first decryption key 
encrypted with said third encryption key (Eldridge, col. 2, line 40-48); and 

decrypting by said one of said group members, said encrypted first decrypted key 
encrypted with said third encryption key using said third decryption key (Ganesan, col. 
10, line 27). 

36. Regarding claim 27, 30, Eldridge and Ganesan disclose claim 26 above, and 
further discloses the third encryption key comprises a public key of a member 
public/private key pair and wherein said third deciyption key comprises the member 
private key of said member public/private key pair (Ganesan, col. 8, line 15-16; col. 9, 
line 67; col. 10, line 1-2). 

37. Regarding claim 28, 29, Eldridge and Ganesan disclose claim 26 above, and 
further discloses third encryption and decryption keys are symmetric (Ganesan, col. 9, 
line 60-62). 

Response to Arguments 

38. Applicant's arguments with respect to claim 1, 4-10, and 12 have been considered 
but are moot in view of the new ground(s) of rejection. 
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39. Applicant's arguments with respect to claim 13,15-19, and 3 1 -37 have been 
considered but are moot in view of the new ground(s) of rejection. 

40. Applicant's arguments with respect to claim 21-30 have been considered but are 
moot in view of the new ground(s) of rejection. 

Conclusion 

4 1 . THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of 
time policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of the 
advisory action. In no event, however, will the statutory period for reply expire later than 
SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Mossadeq Zia whose telephone number is 703-305-8425. 
The examiner can nomially be reached on Monday-Friday between 8:30am - 5:00pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Greg Morse can be reached on 703-308-4789. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http://pair-direct.uspto.gov. Should you 
have questions on access to the Private PAIR system, contact the Electronic Business 
Center (EBC) at 866-217-9197 (toll-free). 
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Examiner 
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